* Add method to retrieve peer's applied posture checks
* Add posture checks in server response and update proto messages
* Refactor
* Extends peer metadata synchronization through SyncRequest and propagate posture changes on syncResponse
* Remove account lock
* Pass system info on sync
* Fix tests
* Refactor
* resolve merge
* Evaluate process check on client (#1749)
* implement server and client sync peer meta alongside mocks
* wip: add check file and process
* Add files to peer metadata for process check
* wip: update peer meta on first sync
* Add files to peer's metadata
* Evaluate process check using files from peer metadata
* Fix panic and append windows path to files
* Fix check network address and files equality
* Evaluate active process on darwin
* Evaluate active process on linux
* Skip processing processes if no paths are set
* Return network map on peer meta-sync and update account peer's
* Update client network map on meta sync
* Get system info with applied checks
* Add windows package
* Remove a network map from sync meta-response
* Update checks proto message
* Keep client checks state and sync meta on checks change
* Evaluate a running process
* skip build for android and ios
* skip check file and process for android and ios
* bump gopsutil version
* fix tests
* move process check to separate os file
* refactor
* evaluate info with checks on receiving management events
* skip meta-update for an old client with no meta-sync support
* Check if peer meta is empty without reflection
This PR implements the following posture checks:
* Agent minimum version allowed
* OS minimum version allowed
* Geo-location based on connection IP
For the geo-based location, we rely on GeoLite2 databases which are free IP geolocation databases. MaxMind was tested and we provide a script that easily allows to download of all necessary files, see infrastructure_files/download-geolite2.sh.
The OpenAPI spec should extensively cover the life cycle of current version posture checks.
